GNOME Bugzilla – Bug 725924
pull: delete temp files if they appear corrupted
Last modified: 2014-03-09 14:59:25 UTC
Ok done, I have your proxy.pl running. All I see is: error: File header size 963000419 exceeds size 130 Which is pretty much expected since we're returning corrupted GVariant data. Ok, right I see, it looks like then after removing the proxy, further upgrades continuously fail since we're trying to work on top of the partially fetched object. This is a little tricky to fix because the whole point of saving the temp file is to resume partial downloads if we were interrupted, so I need to distinguish between "temp file is corrupted" versus "download was interrupted".
Created attachment 271289 [details] [review] pull: Ensure temporary data that appears corrupted is deleted If a MITM attacker (or just network corruption) causes a temporary downloaded object in tmp/ to be corrupted, we'll end up continually trying to commit it, and fail. Fix this unlinking the temp file immediately after opening it. This will ensure that if we exit due to an error (or crash), the kernel will clean up the space for us.
See https://mail.gnome.org/archives/ostree-list/2014-March/msg00004.html
Review of attachment 271289 [details] [review]: OK.
Attachment 271289 [details] pushed as c2123bf - pull: Ensure temporary data that appears corrupted is deleted